<?php
session_start();
include '../inc/d.php';
if (isset($_POST['account'])) {
    if (empty(trim($_POST['account']))) {
        echo '账号不能为空';
    } elseif (empty(trim($_POST['passwd']))) {
        echo '密码不能为空';
    } else {
        $account = $_POST['account'];
        $passwd = $_POST['passwd'];
        $mm = mm($passwd, $account);
        if (exists('hw_su', "su_account='$account' and su_passwd='$mm'")) {
            echo '登录成功';
            $_SESSION['su'] = $account;
            $arr_assoc['su_last_time'] = time();
            $arr_assoc['su_last_ip'] = sprintf('%u', ip2long($_SERVER['REMOTE_ADDR']));
            updateByWhere('hw_su', $arr_assoc, "su_account='$account'");
            header('refresh:3;url=sys_main.php');
        } else {
            echo '请检查账号密码';
        }
    }
}
?>

<!DOCTYPE html>
<html lang="zh">
<head>
    <meta charset="utf-8">
    <title>admin</title>
</head>
<body>
<h3>管理员登陆</h3>
<form action="" method="post">
    账号：<input type="text" name="account"><br>
    密码: <input type="password" name="passwd">
    <input type="submit" value="提交">
</form>
</body>
</html>
